-
-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(medusa-plugin-auth): added oauth2 as login strategy #119
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
I am thinking of something, since the purpose of the OAuth2 strategy would be to allow the users to use it for multiple purposes/plateform I would suggest that instead of directly creating a class that extends the PassportStrategy, we should probably create a function that return a class that extends passport strategy with a custom named strategy. That way we can have multiple instanced of it. In that case, we also need to allow an array of configuration for this strategy in tthe plugin config. wdyt? it would look like this: export function getOAuth2AdminStrategy(name: string) {
return class OAuth2AdminStrategy extends PassportStrategy(OAuth2Strategy, `${OAUTH2_ADMIN_STRATEGY_NAME}_${name}`) {
// ...
}
} // packages/medusa-plugin-auth/src/auth-strategies/oauth2/index.ts
export default {
load: (container: MedusaContainer, configModule: ConfigModule, options: AuthOptions): void => {
if (options.oauth2?.admin) {
const strategyOptions = Array.isArray(options.oauth2.admin) ? options.oauth2.admin : [options.oauth2.admin];
for (const strategyOption of strategyOptions) {
const OAuth2AdminStrategy = getOAuth2AdminStrategy(strategyOption.name);
new OAuth2AdminStrategy(container, configModule, strategyOption, options.strict);
}
}
}
} and so one. Let me know if thats no clear :) |
Sure! I totally agree. To be honest, I wanted to do it that way, but I changed my mind, telling myself that wasn't the point of the ticket. But as you point out, I agree. |
In that case ill do a final review and merge but not released to not have a breaking changes api in btween |
Yep yep. I'll stat thinking about how to refactor the code for that and check for the steam integration too |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
I will merge this one today, in the followup pr would you be up to add a doc page for oauth2 similar to the other providers :) |
Sure @adrien2p! But let's add documentation after the change of the structure. How do you think this? |
I wrote the doc in the #121 |
I think that in terms of changes, most of it is part of my comment above with the code snippet. For the configuration, I think it can just be an array of OAuth2 config + a name for the OAuth strategy config key. Also, for the end point, I believe the url needs to be changed to include the strategy name inside so that there is no conflict. Does it make sense? @stephane-segning |
For the configuration, an arraylike makes sense. Now, to allow customization, we can define each item either in the form of a function, maybe promise-like for people thinking about multi-tenancy, so that they resolve to the configuration or the configuration. And as you said, each array item's subconfig can simply be
For the URL, we can check just after plugin init if everything is ok and throw an error if there are conflicts. We don't need to change URLs for that. But we can build default URLs using the id of config. How do you see this one @adrien2p ? |
That sounds like a solid plan. I like it 💪 |
# 1.0.0 (2024-12-25) ### Bug Fixes * add support for logout ([7bbefe7](7bbefe7)) * admin.scope and store.scope parameters from medusa-config.js not passed through to passport ([adrien2p#170](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/170)) ([b4c3359](b4c3359)) * apply expiresIn from the auth provider config ([76d37d4](76d37d4)) * Auth route builder ([adrien2p#44](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/44)) ([b5f6d7a](b5f6d7a)) * auth store strategies ([adrien2p#24](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/24)) ([60a03e6](60a03e6)) * authentication strategy cookies and split cookies per domain ([80363de](80363de)) * **auth:** loadRouters ([356fff4](356fff4)) * **auth:** Remove promise options resolution as it is not supported by medusa for now ([8852c3e](8852c3e)) * build callback handler token gegeneration ([adrien2p#31](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/31)) ([69313db](69313db)) * check that api token have been provided before attaching the admin routes ([cb392b2](cb392b2)) * CICD node version in semantic release ([59586db](59586db)) * Cors issue ([d14d8f2](d14d8f2)) * Error request always return 200 after being sent to sentry ([c37272a](c37272a)) * failure redirect not working properly ([adrien2p#103](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/103)) ([5a10308](5a10308)) * Few fixes on sentry table management and data display ([adrien2p#15](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/15)) ([44d7342](44d7342)) * Force medusa deps version to be in range ([7cd666e](7cd666e)) * generate random password the first time ([adrien2p#115](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/115)) ([5f5f269](5f5f269)) * google auth route builder ([adrien2p#60](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/60)) ([f0d678a](f0d678a)) * Handle user type guest in azure ad ([ed60fed](ed60fed)) * init project ([10fe1d2](10fe1d2)) * int package ([5058353](5058353)) * jwt store token property ([775df46](775df46)) * logout ([c23027d](c23027d)) * logout ([a6c6a08](a6c6a08)) * max value of per page ([aa699fa](aa699fa)) * **medusa/payment-paytr:** Wrong gitignore configuration ([8e07991](8e07991)) * missing update of jwt strategy ([ec8aecf](ec8aecf)) * Node version in cicd ([391c3d6](391c3d6)) * npm files ([ab44413](ab44413)) * On query filter, the cursor should be rested ([ec03564](ec03564)) * revert path changes ([5232bbe](5232bbe)) * sentry typo ([1bb7920](1bb7920)) * update logout handler accordingly to the previous changes ([4f01f31](4f01f31)) * Wrong user property used in store auth strategies ([73812dc](73812dc)) ### Features * Add environment support ([8376066](8376066)) * add Linkedin Oauth 2 support ([acc036b](acc036b)) * Add support for dynamic success redirect url through a query param ([1d16fc1](1d16fc1)) * add support for strict options ([adrien2p#84](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/84)) ([3e18cb3](3e18cb3)) * Add twitter OAuth 2 pre-support ([1395689](1395689)) * Allow to access session from the plugin and remove cookie usage ([adrien2p#32](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/32)) ([d97a96f](d97a96f)) * Allow to pass a custom verify callback for google strategy ([adrien2p#18](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/18)) ([7b0f824](7b0f824)) * **api:** Add support for equation in 'query' query param for sentry end points ([19c5e1e](19c5e1e)) * **Auth0:** Add Auth0 Authentication ([adrien2p#27](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/27)) ([06c0c20](06c0c20)) * cleanup old code and start sentry plugin ([dd4a518](dd4a518)) * Implement prometheus plugin ([adrien2p#13](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/13)) ([e8c2e47](e8c2e47)) * Include more data from the fetched sentry transactions and improve pagination ([e476e50](e476e50)) * Init project ([040b21c](040b21c)) * **medusa-plugin-auth:** added oauth2 as login strategy ([adrien2p#119](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/119)) ([4dde834](4dde834)) * **medusa-plugin-sentry:** add repo to package.json ([2a407f0](2a407f0)) * **medusa-plugin-sentry:** Add service unit tests and update readme ([05b3e94](05b3e94)) * **medusa-plugin-sentry:** Finalise sentry plugin + add support for web hooks + Add API end points to fetch transactrions and transaction events paginated" ([204cc69](204cc69)) * **medusa-plugin-sentry:** Fix package.json ([09664c7](09664c7)) * **medusa-plugin-sentry:** Fix package.json ([8b94959](8b94959)) * **medusa-plugin-sentry:** Update readme ([1d424cf](1d424cf)) * **medusa-plugin-sentry:** Update readme ([385dd36](385dd36)) * **medusa-plugins:** fix package.json ([36424b4](36424b4)) * **medusa/payement-paytr:** Improve tests and logic ([59cea45](59cea45)) * **medusa/payment-paytr:** Finalize paytr payment ([e6c9af9](e6c9af9)) * **medusa/payment-paytr:** Update web hook ([4bafed9](4bafed9)) * **payment-paytr:** Implement payment provider ([#1](#1)) ([cb419ca](cb419ca)) * Re organise packages ([0eecc66](0eecc66)) * Support for medusa latest storefron ([3a44446](3a44446)) * supposrt facebook authentication strategy ([adrien2p#19](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/19)) ([1dc7582](1dc7582)) * top level domain set in the cookie ([adrien2p#166](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/166)) ([c226927](c226927)) * Ui component and routing for medusa admin sentry ([adrien2p#14](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/14)) ([e04071d](e04071d)) * update strategies according to the latest auth changes from medusa core ([adrien2p#26](https://github.com/xponential-asia/medusa-xpo-auth-plugins/issues/26)) ([9afc2fd](9afc2fd))
No description provided.